Case Study 9: Implementing VPLS Services with the GSR 12000 Series

Case Study 9 Implementing VPLS Services with the GSR 12000 Series

VPLS services emulate an Ethernet bridge in an IP/MPLS network. It is an end-to-end architecture that allows IP/MPLS networks to provide multipoint Ethernet services. Operation is similar to an Ethernet bridge; that is, it forwards using the destination MAC address, learns source addresses, and floods broad-/multicast. Several IETF VPLS drafts exist that are based on LDP and BGP. This feature and its implementation on a GSR 12000 series router form the core of this case study.

Figure 14-49 depicts an MPLS-enabled GSR network that implements different VPLS services along with the base configurations prior to the implementation of VPLS services on the PE routers.

Figure 14-49. Case Study 9: Topology and PE Router Configuration

 

Theory and Operation of VPLS on a GSR 12000 Series

Figure 14-50 shows the various VPLS architectures that can be deployed in today's SP networks. VPLS is a service targeted for enterprise networks to connect geographically separate LAN segments together across a WAN. It enables these separate LAN segments to act as a single LAN. VPLS technology seamlessly enables transparent LAN services or TLS across WAN boundaries.

Figure 14-50. VPLS Deployment Architectures

GSR VPLS can be used for the deployment of point-to-multipoint and multipoint-to-multipoint L2 VPN services on the ISE-based (Internet Services Engine or Engine 3) Ethernet LCs. With the introduction of ISE-based Ethernet LCs, GSR has the capability to do MAC address-based learning, forwarding/flooding, and aging. This enables GSR to extend the L2 VPN solution to include VPLS. At this juncture, VPLS implementation is targeted toward MPLS-based networks using LDP.

GSR supports the implementation of these VPLS services where the physical port can be of EtherType 0x8100 or 0x9100 categorized as the following services:

  • Ethernet VPLS service – The attachment circuit is an Ethernet port.
  • VLAN VPLS service – The attachment circuit is a dot1q VLAN subinterface.
  • QinQ VPLS service – The attachment circuit is a sub-interface where the user specifies the inner and outer dot1q VLAN tags explicitly.
  • QinAny VPLS service – The attachment circuit is a sub-interface where the user only specifics the outer dot1q VLAN tag explicitly, and the inner dot1q tag can be any VLAN value (i.e., 1-4095).

Table 14-1 summarizes the VPLS support details on the GSR routers in 12.0(32)S IOS release. For the latest information on platform and feature support and availability, visit http://cco.cisco.com.

Table 14-1. VPLS Support on GSR Platforms

Release

Route Processor

Edge Facing Cards

Core Facing Cards

IOS 12.0(32)S

PRP-1

PRP-2

Engine 3 ISE GE

Engine 3 ISE GE/POS

Engine 5 SIP 600

Engine 5 SIP 401/501/601

 

GSR VPLS Packet Forwarding

Figure 14-51 shows the steps in the forwarding of a VPLS packet as it traverses the MPLS network illustrated earlier from CE1-A to CE2-A.

Figure 14-51. VPLS Packet Forwarding on GSR

The steps highlighted in Figure 14-51 are as follows:

1.

CE-1 sends unicast frames to CE-2 over the VLAN 2000 dot1q trunk.
 

2.

VPLS instance VPLS_2000 on N-PE A "learns" CE-1 MAC address from VLAN 2000 dot1q trunk attachment circuit.
 

3.

Because M2 is unknown, N-PE A "floods" (replicates) the frame to all the pseudo wires (pseudo wires go to N-PE B and N-PE C).
 

4.

Both N-PE B and N-PE C "learn" CE-1 MAC address from pseudo wire. (Note: MAC is associated to the remote VC label.)
 

5.

Because M2 is unknown, N-PE B and N-PE C "flood" the frame to all the local ports (and not the pseudo wires).
 

Figure 14-52 depicts the VPLS forwarding of a packet from CE2-A to CE1-A across the VPLS domain when CE2 replies to CE1.

Figure 14-52. VPLS Packet Forwarding on GSR from CE2-CE1

The steps outlined in Figure 14-52 are as follows:

6.

CE-2 replies to CE-1 after finding the frame is destined for one of its hosts.
 

7.

N-PE B "learns" CE-2 MAC address from VLAN 2000 dot1q trunk attachment circuit.
 

8.

N-PE B inspects MAC table and forwards frame toward N-PE A (with remote label 23 – frame is not sent to N-PE C).
 

9.

N-PE A "learns" CE-2 MAC address from the pseudo wire.
 

10.

N-PE A "forwards" frame to CE-1. N-PE A stops flooding frames to N-PE C and establishes a unicast forwarding data path.
 

11.

N-PE C "ages out" MAC entry for CE-1 after the aging timer expires.
 

The full mesh of pseudo wires between all GSR PE routers guarantees frame delivery. To prevent packet forwarding loops in VPLS instance, split horizon functionality is enabled by default on attachment circuits and pseudo wires.

Each VPLS forwarding instance maintains one copy of a MAC table (qualified learning). The MAC table is a list of "known" MAC addresses and their forwarding information. The MAC table and its management are distributed – a copy of the MAC table is maintained on the route processor and on line cards. When a packet is received from an attachment circuit or pseudo wire, only the source MAC address is learned on the edge facing (imposition) line card. The destination address is not learned. Learning is performed by line card CPU. Two copies of a MAC table are created where the software copy is stored in the LC RP CPU memory, and the hardware copy is programmed into LC ASICs for hardware based forwarding.

For packets arriving on an attachment circuit, learning happens in the edge facing card (RX direction). For packets arriving on a pseudo wire, learning happens in the core facing card (TX direction). New entries learned are sent to the route processor, and it instructs all line cards participating in that VPLS instance to add the new address into their MAC table. The route processor maintains the master copy and periodically refreshes the copy on all line cards. Entries in the MAC table can age out, and the aging timer is configurable per VPLS instance. The MAC table size is configurable on a per forwarding instance basis.

GSR VPLS implementation also supports a rich feature set for association of QoS. On the ingress side, the VPLS feature can be used with

  • VPLS traffic classification based on the destination address being known, unknown, or multicast
  • Traffic classification based on VLAN P bits
  • Setting MPLS EXP bits in the VC label
  • Color aware and color blind 1 rate 2 color policer
  • Color aware and color blind 2 rate 3 color policer
  • Setting MPLS EXP bits as a result of policer action
  • Per port/VLAN/QinQ/QinAny interface shaping

On the egress side, the VPLS feature can be used with

  • Setting VLAN P bits
  • Per port/VLAN/QinQ/QinAny interface shaping
  • Per port/VLAN/QinQ/QinAny WRED and MDRR

One of the key features on the GSR is that, on the same physical port, the user can enable VPLS on a set of subinterfaces and, on the rest of the subinterfaces, enable any other Layer 2 or 3 features (i.e., L2 AToM, or IPv4 or IPv6 features) with full QoS. This is possible because each subinterface is allocated its own set of queues, and its properties are programmed in hardware ASICs.

GSR VPLS Requirements and Configuration

This list summarizes VPLS caveats in IOS 12.0(32)S. It applies to Engine 3 GE imposition line card only on 12.0(32)S:

  • Edge facing engine 3 GE line card cannot have dissimilar attachment circuits associated with the same VPLS instance (i.e., cannot have Ethernet and VLAN attachment circuits on same line card). Only homogeneous attachment circuits are allowed.
  • On Engine 3 GE imposition line card, one VLAN subinterface is supported per VPLS instance on a port.
  • Engine 3 GE line card can be used as an edge or a core facing line card. The same line card cannot be used for edge and core facing links.

Refer to http://www.cisco.com for more information on other specific caveats by IOS release when implementing VPLS on the GSR.

Figure 14-53 shows the steps required for the configuration of different VPLS on the PE routers (GSR) when implementing Ethernet, VLAN, QinQ, and QinAny services.

Figure 14-53. Configuration Flowchart for GSR VPLS Services

As shown in Figure 14-53, the only difference between the QinQ and QinAny modes is that a control word mapping to the top as well as bottom VLAN is generated on ingress in the QinQ mode whereas the control word mapping to only the top VLAN is generated on ingress in the QinAny mode.

Figure 14-54 shows the configuration of the PE routers when used to implement each of the VPLS services depicted in Figure 14-50.

Figure 14-54. Configuration for GSR VPLS Services

Verification of GSR VPLS service operation can be performed by issuing any one of the following commands on the PE routers. Visit cco.cisco.com for more information on the following commands:

  • show vfi name name-of-vpls-VFI-instance
  • show xconnect interface interface
  • show mpls l2transport vc vc-id detail
  • show mac address-table bridge-domain bridge-domain-id

MPLS Overview

Basic MPLS Configuration

Basic MPLS VPN Overview and Configuration

PE-CE Routing Protocol-Static and RIP

PE-CE Routing Protocol-OSPF and EIGRP

Implementing BGP in MPLS VPNs

Inter-Provider VPNs

Carrier Supporting Carriers

MPLS Traffic Engineering

Implementing VPNs with Layer 2 Tunneling Protocol Version 3

Any Transport over MPLS (AToM)

Virtual Private LAN Service (VPLS)

Implementing Quality of Service in MPLS Networks

MPLS Features and Case Studies



MPLS Configuration on Cisco IOS Software
MPLS Configuration on Cisco IOS Software
ISBN: 1587051990
EAN: 2147483647
Year: 2006
Pages: 130

Flylib.com © 2008-2020.
If you may any questions please contact us: flylib@qtcs.net